Conventional approaches to partition of cryptographic functionality include a number of techniques involving delegation of cryptographic functionality from one entity to another.
One such technique permits delegation of decryption ability, and is referred to as Identity-Based Encryption (IBE). IBE is described in greater detail in, for example, D. Boneh and M. Franklin, “Identity-Based Encryption from the Weil Pairing,” Proceedings of Crypto 2001, and in IBE Secure E-mail, http://crypto.stanford.edu/ibe, both of which are incorporated by reference herein. In this technique, an authority delegates decryption ability to a recipient of ciphertexts.
In the IBE technique, the granularity with which the decryption ability can be delegated is inherently tied to intervals measured in time, namely, update intervals of associated public keys, rather than the number of ciphertexts the recipient can operate on. This results in a number of significant problems. For example, the IBE technique does not allow the delegation of computational ability on a per-computation level. Also, global timing synchronization is typically required. Furthermore, in order to delegate the decryption ability for a number of intervals, the authority must transmit that number of tokens to the recipient.
Other known partition techniques involve so-called “self-delegation,” that is, delegation of cryptographic functionality from one entity to itself. An example of such a technique is described in O. Goldreich, B. Pfitzmann and R. L. Rivest, “Self-Delegation with Controlled Propagation—or—What If You Lose Your Laptop,” Proceedings of Crypto 1998, pp. 153-168, which is incorporated by reference herein. However, these techniques are generally limited to the self-delegation context, and thus cannot be used to support inter-party delegation.
Another significant drawback associated with the conventional IBE and self-delegation approaches is that each is limited to a single cryptographic function: the IBE approach supports only decryption, and the self-delegation approach supports only authentication. Thus, neither of these approaches provides a general solution to the problem of partition of cryptographic functionality.
A variety of other techniques are known in the art. For example, U.S. Reissue Pat. No. 36,918 to Micali, entitled “Fair Cryptosystems and Methods of Use,” discloses derivation of certain cryptographic keys using a tree structure in order to provide time-bounded eavesdropping capabilities for law enforcement officials.
As another example, U.S. Pat. No. 6,539,092 to Kocher, entitled “Leak-Resistant Cryptographic Indexed Key Update,” discloses use of a tree structure to avoid power attacks.
Unfortunately, these techniques fail to address adequately the drawbacks of the above-described IBE and self-delegation approaches to partition of cryptographic functionality.
In view of the various problems and limitations associated with the conventional techniques described above, a need exists for improved techniques for partition of cryptographic functionality.